Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

Empowering Individuals and Organizations to ‘Respect Privacy’

Published 02/14/2023

Empowering Individuals and Organizations to ‘Respect Privacy’

Originally published by BARR Advisory on January 23, 2023.

Written by Kyle Cohlmia, BARR Advisory.

This week is Data Privacy Week, an annual campaign hosted by the National Cybersecurity Alliance. The theme of this year’s Data Privacy Week is “respect privacy,” with the goal to help individuals and organizations understand why it is important to respect the privacy of personal and consumer information in today’s digital age.

Let’s take a closer look at what data privacy means and how you and your organization can advocate for improved privacy for all users.

What is Data Privacy?

Data privacy, put simply, is the right to keep data generated about you and your online activity private. For example, information like your birthday, the websites you visit, and products you purchase can all be tracked online and used to target specific ads towards you.

According to the Pew Research Center, 79% of U.S. adults report being concerned about the way their data is being used by companies. This statistic demonstrates the importance of being open about how your organization uses and protects consumer data. Transparency will not only differentiate your organization, but also inspire trust in consumers and enhance your reputation.

While we can’t keep all of our data private at all times, it’s important to understand your data privacy rights that protect you from having to share certain personal data, who has access to your data, and how much access they have.

Creating a Culture of Privacy

Privacy awareness starts with culture. When building a culture of privacy in your organization, it’s important to have buy-in from your leadership team. This demonstrates to employees that not only does privacy matter, but it’s a priority.

When you begin to create a culture of privacy in your organization, it may make sense to build a business case for privacy. For example, if there are legal or compliance concerns that affect your organization, or privacy is important to your clients, demonstrating a commitment to consumer privacy will be good for your business goals.

Raising Privacy Awareness

Once you’ve established a culture of privacy within your workplace, it gets easier to raise awareness. Organizations can run internal privacy campaigns and share educational materials, lectures, and guides to get the message across their organization.

A data privacy ambassador can also help raise awareness within your organization. Designating a specific person or team to research the many available resources online, and promote those resources internally, empowers teammates to make smart cybersecurity choices.

Privacy Training and Tools for the Workplace

When it comes to privacy, education is incredibly important. There are many different companies that offer privacy training, which means your organization can find the one that works best for your culture. Depending on your organization, an in-person class or lecture may work best. If you’re a remote company, you may want to choose an online course.

The cost of prioritizing privacy amongst your employees pales in comparison to the cost of a potential data breach. There are plenty of tools that organizations can easily provide employees to help them with their privacy, such as:

  • Company-branded camera covers
  • Privacy screens for personal devices
  • Virtual private networks (VPNs) to secure connections
  • Password management software

Privacy for Everyday—Protecting Your Data Story

Data privacy is not just for organizations who manage consumer data. It’s also for individuals. Every time you access the internet, you add to a list of data that tells your story. This “data story” has value, and it’s important to be selective with who and where you share your data.

Here are a few tips from the National Cybersecurity Alliance for practicing data privacy on a daily basis, and how you can take control of your personal data story.

  1. Know what you can’t control—While you can’t control how all your data is shared or viewed, you can better understand the balance between convenience and privacy. Decide what’s worth sharing on your devices and software, and what might be smart to keep private.
  2. Make data privacy a habit—Make it a habit to pay attention to the types of requests an app, website, device, or software is asking and take control of what you share in regards to information like location, contacts, photos, and digital behavior. Take the time to think about what you want to share and when.
  3. Regularly check your settings—Unless you need a specific app to function at all times, it can be helpful to regularly check and turn off default settings, like your camera, microphone, location, and synced contacts. This deters certain apps from collecting data at all times and ensures your settings are fixed for your comfort level.
  4. Delete apps you don’t use—A best practice for data privacy is to go through your devices every few months and delete those you may not use anymore. Many apps collect and share your data, so restricting access to those you no longer need can only protect your privacy further.

On the topic of privacy, Senior Consultant Megan Sajewski said, “Privacy is an essential right of all human beings. Practicing privacy in our workplaces is baked into the C of the CIA triad—confidentiality.”

Share this content on your favorite social network today!